What are the 7 principles of GDPR?
The General Data Protection Regulation (GDPR) sets out to protect and enable the privacy rights of individuals in the European Union. The 7 key principles of GDPR are:
1. Lawfulness, fairness and transparency: Personal data should be processed in a fair, legal, and transparent way. with the individual’s consent or based on legitimate interests.
2. Purpose limitation: Personal data should be collected for specific, explicit, and legitimate purposes and not used in a way that is incompatible with these purposes.
3. Data minimisation: Personal data collected should be relevant and limited to what is necessary.
4. Accuracy: Personal data should be accurate and kept up to date. You should take steps to review and update the information when necessary.
5. Storage limitation: Personal data should be stored for as long as necessary for legitimate purposes and shouldn’t be kept indefinitely.
6. Integrity and confidentiality: Personal data should be stored safe and secure by implementing technical and organizational measures in place.
7. Accountability: Your organization is responsible for compliance with all the GDPR principles, and for demonstrating compliance if necessary.